Google Chromium Intents Insufficient Input Validation Vulnerability

Added Aug. 18, 2022 • Due Sept. 8, 2022 • CVE-2022-2856

Overdue Google / Chromium Intents CWE-20

Description

Google Chromium Intents contains an insufficient validation of untrusted input vulnerability that allows a remote attacker to browse to a malicious website via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Required Action

Apply updates per vendor instructions.

References

https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html
https://nvd.nist.gov/vuln/detail/CVE-2022-2856

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 9 months, 4 weeks ago